Software Guide
Page 11
... Packets 7 Routed Packets 7 Multicast Packets 8 Using Cisco IOS ACLs in your Network 9 Hardware and Software Handling of Cisco IOS ACLs with PFC 10 Hardware and Software Handling of Cisco IOS ACLs with PFC2 12 Using VACLs with Cisco IOS ACLs 15 Guidelines for Configuring Cisco IOS ACLs and VACLs on the Same VLAN... VACLs From the CLI 29 Configuring and Storing VACLs and QoS ACLs in Flash Memory 42 Automatically Moving the VACL and QoS ACL Configuration to Flash Memory 43 Manually Moving the VACL and QoS ACL Configuration to Flash Memory 44 Running with the VACL and QoS ACL Configuration in Flash...
... Packets 7 Routed Packets 7 Multicast Packets 8 Using Cisco IOS ACLs in your Network 9 Hardware and Software Handling of Cisco IOS ACLs with PFC 10 Hardware and Software Handling of Cisco IOS ACLs with PFC2 12 Using VACLs with Cisco IOS ACLs 15 Guidelines for Configuring Cisco IOS ACLs and VACLs on the Same VLAN... VACLs From the CLI 29 Configuring and Storing VACLs and QoS ACLs in Flash Memory 42 Automatically Moving the VACL and QoS ACL Configuration to Flash Memory 43 Manually Moving the VACL and QoS ACL Configuration to Flash Memory 44 Running with the VACL and QoS ACL Configuration in Flash...
Software Guide
Page 37
... register is a ROM-based program that executes upon platform power-up, reset, or when a fatal exception occurs. You can load a system image manually from Flash memory, from a network server file, or from bootflash. Note The Break key is configured to the Catalyst 6000 Family Command Reference publication. For descriptions of whether... to be off by restarting the switch and pressing the Break key during the first 60 seconds of startup. Note For a description of the ATM Cisco IOS CLI and commands, refer to enter ROM-monitor mode.
... register is a ROM-based program that executes upon platform power-up, reset, or when a fatal exception occurs. You can load a system image manually from Flash memory, from a network server file, or from bootflash. Note The Break key is configured to the Catalyst 6000 Family Command Reference publication. For descriptions of whether... to be off by restarting the switch and pressing the Break key during the first 60 seconds of startup. Note For a description of the ATM Cisco IOS CLI and commands, refer to enter ROM-monitor mode.
Software Guide
Page 46
...CLI, enter Console> switch console [mod] the MSFC CLI. Cisco IOS Command-Line Interface These sections describe basic Cisco IOS configuration tasks you previously entered, press the up -arrow key to the supervisor engine console port. At the EXEC prompt, enter enable Router> enable... mode. This form of help is called command syntax help, because it reminds you which keywords or arguments are applicable based on page 2-4. memory...
...CLI, enter Console> switch console [mod] the MSFC CLI. Cisco IOS Command-Line Interface These sections describe basic Cisco IOS configuration tasks you previously entered, press the up -arrow key to the supervisor engine console port. At the EXEC prompt, enter enable Router> enable... mode. This form of help is called command syntax help, because it reminds you which keywords or arguments are applicable based on page 2-4. memory...
Software Guide
Page 225
... entries: 4 Bridge entries: 12 Drop entries: 2 Understanding Forwarding Decisions CEF for PFC2 provides Layer 3 switching based on: • Entries in the ACL ternary content addressable memory (TCAM) for policy-based routing decisions • Entries in the NetFlow table for TCP intercept and reflexive ACL forwarding decisions (see the "Understanding NetFlow Statistics...
... entries: 4 Bridge entries: 12 Drop entries: 2 Understanding Forwarding Decisions CEF for PFC2 provides Layer 3 switching based on: • Entries in the ACL ternary content addressable memory (TCAM) for policy-based routing decisions • Entries in the NetFlow table for TCP intercept and reflexive ACL forwarding decisions (see the "Understanding NetFlow Statistics...
Software Guide
Page 239
...to display a summary of IP MMLS information on the MSFC: Router# show mls ip multicast summary 7 MMLS entries using 560 bytes of memory Number of partial hardware-switched flows:2 Number of the SCP system. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and ...Multicast Distributed Switching Services Using Debug Commands on the SCP Table 13-4 describes the Serial Control Protocol (SCP)-related debug commands to the hardware switching engine. [no] debug mls ip multicast all [no ] debug mdss all Turns on all MDSS messages. 1. Turns on MDSS1 error messages. [...
...to display a summary of IP MMLS information on the MSFC: Router# show mls ip multicast summary 7 MMLS entries using 560 bytes of memory Number of partial hardware-switched flows:2 Number of the SCP system. 78-13315-02 Catalyst 6000 Family Software Configuration Guide-Releases 6.3 and ...Multicast Distributed Switching Services Using Debug Commands on the SCP Table 13-4 describes the Serial Control Protocol (SCP)-related debug commands to the hardware switching engine. [no] debug mls ip multicast all [no ] debug mdss all Turns on all MDSS messages. 1. Turns on MDSS1 error messages. [...
Software Guide
Page 268
... by MAC address. show cam msfc [vlan] This example shows how to display the CAM entries: Console> show cam command displays the content-addressable memory (CAM) entries associated with a specific MAC address. If the MAC address belongs to an MSFC, an "R" is appended to display the CAM entries... displayed. If you specify a VLAN number, only those CAM entries corresponding to destination-source flow. Console> (enable) Displaying CAM Entries on the Supervisor Engine The show cam msfc VLAN Destination MAC Destination-Ports or VCs 194 00-e0-f9-d1-2c-00R 7/1 193 00-00-0c-07-ac-c1R...
... by MAC address. show cam msfc [vlan] This example shows how to display the CAM entries: Console> show cam command displays the content-addressable memory (CAM) entries associated with a specific MAC address. If the MAC address belongs to an MSFC, an "R" is appended to display the CAM entries... displayed. If you specify a VLAN number, only those CAM entries corresponding to destination-source flow. Console> (enable) Displaying CAM Entries on the Supervisor Engine The show cam msfc VLAN Destination MAC Destination-Ports or VCs 194 00-e0-f9-d1-2c-00R 7/1 193 00-00-0c-07-ac-c1R...
Software Guide
Page 281
... a summary of IP MMLS information on the MSFC: Router# show mls ip multicast summary 7 MMLS entries using 560 bytes of memory Number of partial hardware-switched flows:2 Number of complete hardware-switched flows:5 Router# Using Debug Commands on MDSS-related events. MDSS ...= Multicast Distributed Switching Services Description Configures filtering that applies to the hardware switching engine. Displays IP MMLS events. Table 14-9 IP MMLS Debug Commands Command [no] debug mls ip multicast group group_id group_mask [no]...
... a summary of IP MMLS information on the MSFC: Router# show mls ip multicast summary 7 MMLS entries using 560 bytes of memory Number of partial hardware-switched flows:2 Number of complete hardware-switched flows:5 Router# Using Debug Commands on MDSS-related events. MDSS ...= Multicast Distributed Switching Services Description Configures filtering that applies to the hardware switching engine. Displays IP MMLS events. Table 14-9 IP MMLS Debug Commands Command [no] debug mls ip multicast group group_id group_mask [no]...
Software Guide
Page 297
... chapter consists of hardware you install on VLANs, page 16-7 • Using Cisco IOS ACLs in your Network, page 16-9 • Using VACLs with Cisco IOS ACLs, page 16-15 • Using VACLs in your supervisor engine. Configuration of the ACLs depends on the type of these sections: • ...8226; Supported ACLs, page 16-2 • Applying Cisco IOS ACLs and VACLs on your Network, page 16-22 • Unsupported Features, page 16-27 • Configuring VACLs, page 16-28 • Configuring and Storing VACLs and QoS ACLs in Flash Memory, page 16-42 • Configuring Policy-Based ...
... chapter consists of hardware you install on VLANs, page 16-7 • Using Cisco IOS ACLs in your Network, page 16-9 • Using VACLs with Cisco IOS ACLs, page 16-15 • Using VACLs in your supervisor engine. Configuration of the ACLs depends on the type of these sections: • ...8226; Supported ACLs, page 16-2 • Applying Cisco IOS ACLs and VACLs on your Network, page 16-22 • Unsupported Features, page 16-27 • Configuring VACLs, page 16-28 • Configuring and Storing VACLs and QoS ACLs in Flash Memory, page 16-42 • Configuring Policy-Based ...
Software Guide
Page 324
...NVRAM. A packet that you can configure Cisco IOS ACLs and VACLs from Flash memory instead of ACEs in your Network" section on page 16-22 for Cisco IOS ACLs and VACLs must enter the commit... Follow these guidelines when configuring VACLs: Caution All changes to a VLAN. If there is no Cisco IOS ACL configured to deny traffic on both MSFCs. • Note that the system might not...the "Configuring and Storing VACLs and QoS ACLs in Flash Memory" section on page 16-42 for detailed information. • See the "Guidelines for Configuring Cisco IOS ACLs and VACLs on the Same VLAN Interface" ...
...NVRAM. A packet that you can configure Cisco IOS ACLs and VACLs from Flash memory instead of ACEs in your Network" section on page 16-22 for Cisco IOS ACLs and VACLs must enter the commit... Follow these guidelines when configuring VACLs: Caution All changes to a VLAN. If there is no Cisco IOS ACL configured to deny traffic on both MSFCs. • Note that the system might not...the "Configuring and Storing VACLs and QoS ACLs in Flash Memory" section on page 16-42 for detailed information. • See the "Guidelines for Configuring Cisco IOS ACLs and VACLs on the Same VLAN Interface" ...
Software Guide
Page 337
... and the range is displayed on the console. Step 4 Step 5 Step 6 Enter the set security acl ip acl_name deny log command to 2048; If either memory is not enough or the maximum number is over the max_num limit, an error message is displayed and the command is dropped. This example shows...
... and the range is displayed on the console. Step 4 Step 5 Step 6 Enter the set security acl ip acl_name deny log command to 2048; If either memory is not enough or the maximum number is over the max_num limit, an error message is displayed and the command is dropped. This example shows...
Software Guide
Page 338
... TCP Destination port : 3000 Received Packet Number : 10 This example shows how to this feature, all ACL configurations are stored in Flash memory instead of QoS and security ACLs (VACLs), NVRAM could become full. Note In most cases, the 512-KB NVRAM is cleared. therefore,... all configuration information was stored in Flash Memory This section describes how to another. ACL my_cap successfully committed. With the addition of NVRAM. Console> (enable) This example shows how to...
... TCP Destination port : 3000 Received Packet Number : 10 This example shows how to this feature, all ACL configurations are stored in Flash memory instead of QoS and security ACLs (VACLs), NVRAM could become full. Note In most cases, the 512-KB NVRAM is cleared. therefore,... all configuration information was stored in Flash Memory This section describes how to another. ACL my_cap successfully committed. With the addition of NVRAM. Console> (enable) This example shows how to...
Software Guide
Page 339
...Switch Boot Configuration," for the upgrade. If you might try to delete unneeded VACLs and QoS ACLs and save the configuration to Flash memory (as described in the "Moving the VACL and QoS ACL Configuration Back to NVRAM" section on using the set boot config-register...:NVRAM full. Qos/Security ACL configuration deleted from NVRAM. Chapter 16 Configuring Access Control Configuring and Storing VACLs and QoS ACLs in Flash Memory This section describes the following : • Sets the CONFIG_FILE variable to bootflash:switchapp.cfg • Enables the set config acl nvram ...
...Switch Boot Configuration," for the upgrade. If you might try to delete unneeded VACLs and QoS ACLs and save the configuration to Flash memory (as described in the "Moving the VACL and QoS ACL Configuration Back to NVRAM" section on using the set boot config-register...:NVRAM full. Qos/Security ACL configuration deleted from NVRAM. Chapter 16 Configuring Access Control Configuring and Storing VACLs and QoS ACLs in Flash Memory This section describes the following : • Sets the CONFIG_FILE variable to bootflash:switchapp.cfg • Enables the set config acl nvram ...
Software Guide
Page 340
... environment variable after a reset or power cycle. Console> (enable) copy acl-config bootflash:switchapp.cfg Upload ACL configuration to the standby supervisor engine. Console> (enable) set boot config-register auto-config' commands to overwrite the NVRAM configuration or be enabled or disabled. Configuring and... Storing VACLs and QoS ACLs in Flash Memory Chapter 16 Configuring Access Control Manually Moving the VACL and QoS ACL Configuration to Flash Memory If your VACL and QoS ACL configuration requirements require more memory than the 512-KB NVRAM, you can manually ...
... environment variable after a reset or power cycle. Console> (enable) copy acl-config bootflash:switchapp.cfg Upload ACL configuration to the standby supervisor engine. Console> (enable) set boot config-register auto-config' commands to overwrite the NVRAM configuration or be enabled or disabled. Configuring and... Storing VACLs and QoS ACLs in Flash Memory Chapter 16 Configuring Access Control Manually Moving the VACL and QoS ACL Configuration to Flash Memory If your VACL and QoS ACL configuration requirements require more memory than the 512-KB NVRAM, you can manually ...
Software Guide
Page 341
...memory, it is not set or none of the files specified exist, the following syslog message displays: 1999 Sep 01 17:00:00 %SYS-0-CFG_FLASH_ERR:ACL configuration set to flash but either the CONFIG_FILE variable is removed from the auto-config file is synchronized automatically to the standby supervisor engine... to the NVRAM configuration. At this file after commit operations. • If you move the VACL and QoS ACL configuration to Flash memory, QoS ACLs and VACL commit operations are no longer written to NVRAM. Chapter 16 Configuring Access Control Configuring and Storing VACLs and QoS ...
...memory, it is not set or none of the files specified exist, the following syslog message displays: 1999 Sep 01 17:00:00 %SYS-0-CFG_FLASH_ERR:ACL configuration set to flash but either the CONFIG_FILE variable is removed from the auto-config file is synchronized automatically to the standby supervisor engine... to the NVRAM configuration. At this file after commit operations. • If you move the VACL and QoS ACL configuration to Flash memory, QoS ACLs and VACL commit operations are no longer written to NVRAM. Chapter 16 Configuring Access Control Configuring and Storing VACLs and QoS ...
Software Guide
Page 342
...automatically. Interacting with High Availability After a supervisor engine switchover, the VACL and QoS ACL configuration on the active supervisor engine is automatically synchronized to Layer 2 traffic. When you insert a new standby supervisor engine, the active supervisor engine automatically synchronizes the auto-config file. ... load balancing appliances are involved, or where firewall load balancing is stored in Flash memory, the auto-config file on the standby supervisor engine is required. The only difference is that the data is performed. Configuring Policy-Based...
...automatically. Interacting with High Availability After a supervisor engine switchover, the VACL and QoS ACL configuration on the active supervisor engine is automatically synchronized to Layer 2 traffic. When you insert a new standby supervisor engine, the active supervisor engine automatically synchronizes the auto-config file. ... load balancing appliances are involved, or where firewall load balancing is stored in Flash memory, the auto-config file on the standby supervisor engine is required. The only difference is that the data is performed. Configuring Policy-Based...
Software Guide
Page 372
You can fix this problem by increasing the dynamic random-access memory (DRAM). To obtain more information on a dynamic port. Troubleshooting Dynamic Port VLAN Membership A dynamic port might see when you might shut down dynamic port, enter ...
You can fix this problem by increasing the dynamic random-access memory (DRAM). To obtain more information on a dynamic port. Troubleshooting Dynamic Port VLAN Membership A dynamic port might see when you might shut down dynamic port, enter ...
Software Guide
Page 408
..., and so forth. If the switch has a redundant supervisor engine, the standby supervisor engine takes over automatically before the core dump occurs. No keywords are specified, so the complete status of a terminated process. This report contains system memory content, including text, code, and stack segments. By...Switch Generating a System Status Report Using a single command, you can send it to TAC. The information generated is stored in Cisco core file format and is useful when reporting a problem to enable or disable the core dump feature. Enabling and Disabling the ...
..., and so forth. If the switch has a redundant supervisor engine, the standby supervisor engine takes over automatically before the core dump occurs. No keywords are specified, so the complete status of a terminated process. This report contains system memory content, including text, code, and stack segments. By...Switch Generating a System Status Report Using a single command, you can send it to TAC. The information generated is stored in Cisco core file format and is useful when reporting a problem to enable or disable the core dump feature. Enabling and Disabling the ...
Software Guide
Page 409
...To display log information, perform this task in privileged mode: Task Specify the core image filename. Command show log command after you reboot your memory card. Specifying the Core Image Filename Enter the set . Command set system core-file {device:filename} This example shows how to specify the ... a particular process that has caused the system to fail. This command automatically checks the validity of the device name that you have enough memory available to store the core dump file. This image stack is displayed on the size of your system. The default filename is "slot0:...
...To display log information, perform this task in privileged mode: Task Specify the core image filename. Command show log command after you reboot your memory card. Specifying the Core Image Filename Enter the set . Command set system core-file {device:filename} This example shows how to specify the ... a particular process that has caused the system to fail. This command automatically checks the validity of the device name that you have enough memory available to store the core dump file. This image stack is displayed on the size of your system. The default filename is "slot0:...
Software Guide
Page 467
...events; Commands are sent only at the start and stop of events: • EXEC mode accounting-Provides information about all outbound connections from memory. When you to the server at two events: • Start-stop-Records are sent at both the start -stop records are generated ...The NAS sends accounting information to be gathered. Chapter 21 Configuring Switch Access Using AAA Understanding How Accounting Works The accounting protocol operates in memory. The NAS acts as the client and the accounting server acts as Telnet, rlogin). The amount of the action, it still allows...
...events; Commands are sent only at the start and stop of events: • EXEC mode accounting-Provides information about all outbound connections from memory. When you to the server at two events: • Start-stop-Records are sent at both the start -stop records are generated ...The NAS sends accounting information to be gathered. Chapter 21 Configuring Switch Access Using AAA Understanding How Accounting Works The accounting protocol operates in memory. The NAS acts as the client and the accounting server acts as Telnet, rlogin). The amount of the action, it still allows...
Software Guide
Page 477
... Software Configuration Guide-Releases 6.3 and 6.4 22-3 Configuring Redundant Supervisor Engines These sections describe how to configure redundant supervisor engines: • Synchronization Process Initiation, page 22-4 • Redundant Supervisor Engine Configuration Guidelines and Restrictions, page 22-4 • Verifying Standby Supervisor Engine Status, page 22-5 • Forcing a Switchover to the onboard Flash memory; Note Throughout this slot can hold a Flash PC...
... Software Configuration Guide-Releases 6.3 and 6.4 22-3 Configuring Redundant Supervisor Engines These sections describe how to configure redundant supervisor engines: • Synchronization Process Initiation, page 22-4 • Redundant Supervisor Engine Configuration Guidelines and Restrictions, page 22-4 • Verifying Standby Supervisor Engine Status, page 22-5 • Forcing a Switchover to the onboard Flash memory; Note Throughout this slot can hold a Flash PC...